Nix软件包管理器和GitLab的问题

时间:2019-03-29 21:10:16

标签: git gitlab devops nix

我正在OSX Mojave上使用Nix软件包管理器。

我的同事正在使用OSX的早期版本。不知道这是他们没有遇到此问题的原因。

我无法连接到我明确有权访问的特定私有gitlab存储库。我可以直接克隆它,但是在构建它所包含的项目时却无法构建它。

这是我的default.nix文件的相关摘录。有人告诉我fetchgitPrivate已过时。我曾尝试在此文件中将其替换为fetchGit,但无法正常工作。

      my-private-gitlab-repo = self.callCabal2nix "my-private-gitlab-repo" (pkgs.fetchgitPrivate {
        url = "git@gitlab.com/namehere/my-private-gitlab-repo.git";
        rev = "...";
        sha256 = "...";
      }) {};

这是我得到的错误:

reallymemorables-MacBook-Pro:localclone reallymemorable$ ./scripts/ghci-backend
building '/nix/store/kljskajsdljkdgfhj-cabal2nix-my-private-gitlab-repo.drv'...
exporting ssh://git@gitlab.com/namehere/my-private-gitlab-repo.git (rev kjsdjfksdjklfsjkldjfksjdfskldf) into /nix/store/kljskajsdljkdgfhj-cabal2nix-my-private-gitlab-repo-asddfs
Initialized empty Git repository in /nix/store/kljskajsdljkdgfhj-cabal2nix-my-private-gitlab-repo-asddfs/.git/
git@gitlab.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
git@gitlab.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
Unable to checkout khjsdfkhdsjhklsdjhfksdhfjksdh from ssh://git@gitlab.com/namehere/my-private-gitlab-repo.git.
builder for '/nix/store/kljskajsdljkdgfhj-cabal2nix-my-private-gitlab-repo-asdffdsgfd.drv' failed with exit code 1
cannot build derivation '/nix/store/kljskajsdljkdgfhj-cabal2nix-my-private-gitlab-repo.drv': 1 dependencies couldn't be built
error: build of '/nix/store/kljskajsdljkdgfhj-cabal2nix-my-private-gitlab-repo.drv' failed
(use '--show-trace' to show detailed location information)

我对如何继续完全迷失了。我尝试将ssh密钥放入Shared和普通OSX用户中。我已经尝试了100万个权限排列。

1 个答案:

答案 0 :(得分:1)

与Nix 2.x配合使用的正确方法是builtins.fetchGit,但这不是直接替代:您需要删除sha256参数。由于builtins.fetchGit是在您自己的用户帐户下运行 而不是作为Nix构建器运行,因此它完全解决了权限问题:您可以自己访问的任何内容(密钥环,YubiKey或智能卡,或者仅仅是~/.ssh调用的git副本可以访问您的builtins.fetchGit目录。

因此:

my-private-gitlab-repo = self.callCabal2nix "my-private-gitlab-repo" (builtins.fetchGit {
  url = "git@gitlab.com/namehere/my-private-gitlab-repo.git";
  rev = "...";
}) {};
相关问题
最新问题